J^^Pt ' 1 Linux Arab Community ^^^^W 



%100 ^JAjL^^JUlJ jJijJUU* cLlLl I JLo-£ AJMl_J3 

! pq jioq-oJ I M? Ln£» 
! ! <_5y _jju I iJaJlS^juJ g^o itJCo 0_j I J I ■ ■ 

! ^jJLrO V I f-qjCoq-oJ I Ja.j I_j 

http://linuxac.org/forum/showthread.php?t=728 

( JLoX ojuj^3 sLjuLil o^SLs) raptor £\SH o^SLst axjLlo 3A ^ao^^JI Ijl& 
http://www.linuxac.org/showthread.php?t=541 

jOjl> sLuULjI ^pIS- jjoJlSLq w jJfS" 3-&9 ^julSj w jjS\ £a&£jo f-qjCoq-oJI ljJS> ^^SJ^ 

.pOStfiX ^oIjl^UjujL JjiuxjI 



.aJJI sLuJ (J I J3J0J ^jJ L@ji.5j3 A^3-iiA-o ajul» - i3JI ojdfe 0X0 
I«_jvjj/I UJuLf- jj\;»M Ails ^f-qjioqjaJI Ijdb AjLgi ot*JS> 

Ubuntu 6.06 Dapper ^Jx aJx. 03^**** ^^juJI) ^^jS^^A j3j+*Mt -1 

^jJjc- ^xjuyo xs?\$ v-ajlSTLlo /LIS* j^juuJI ^j-o «_s4£jijil Loxijc-3 Drake Server 

(Ubuntu <>£- vidLL9u 00JI oJajuuuuJI oLs 3> aJI bo^^-o CentOS 4.4 

+ ^jolaajJI ^.i^juulaJ fjAiLjT J373 + aSLuuuJI 6j..q^>I ^jJLf- caJ^juMI & < f.J>3-' ~2 

oljljuLojwl gAJU JLi_jjui v*-^ 7, "I" CH3"^" s' «^» LoJLi ,ol JJOumJ L £9)3^ v*-**- 7 

xi>i !!J exe. jJjLo) oLIxiLojJI U&V JLj>ijf as-jMt xmxsu + avi, .dat. JLl© 

• 6_/jgJ?j/l (jOAi i_fJ£- J » o ^ ii 1 13 



■ 1_J »J) 



LoL JSLuul, 6>e^yi ^JLf- IP cjJ3jJ dhcp + dns ,o.>L> sLuul.1 -3 



samba 055^) aiuuuuJI bxjj>l 5-0 0L0JLJI ajTjLuuloJ SAMBA ,o.>l> -4 

(antivirus) ^Luu 3 ^-,LaJU jLa^» + (PDC S JL^xJ 



postfix + clamv + amavis-) <^\ m j 3J j\s jLa* + JLmI i°->1> -5 

(new 

LAMP (linux + apache + mysql + php5 + (»*[> -6 

(proftpd/vsftpd 

JlQJLo £jj£>\*}x> «_5JL£ JL>JuumJ LLils oJUl £LuJ jjl Ijdb 4 j-o qjvQ » » i LoJuLf- 

. <jJkO JlSOuuULoJ I Jul?3jJ LDAP fOjl> sLuULil JL1L0 jjS\ 



AjlAjlS) ^^JOLroJI ^ju» «JlSuumJ sLuULil OjlJjlj y j juULi {>$-& I ^jJ /fy^AQq^JI IjJb o%9 

...jJI /Switch/ router, ADSL modem Jl jIjl^j «*&*£ /JL1I3SJI JL»x 

^S^juuuJI JljuuLull -Xj_jJ 4 jJJ3 oJ>Jb\j> tiSJjLMjJ UJulC- -X-^JJJ Ail %j Oj.jl3 LuU JL» 

■ |MJ SojuJ ,_j\JLC JLoJtj Ji ii mJ i oJLxJI 

c 

IajJLJI 6_j3jaJI JLoLuJ 



IojnjVI QjuuuuULi LljLs «6j3jaJI OJJb J\L> ^Ju» 

172.16.1.0 =3* oSluuJI ojl^ ^obJI IP olj^JI - 
255.255.0.0 3J& o&uoJI ojl^. u^bJI netmask Jl - 

.L3JL1 b_/gJ?\U lq---«- fiJ IP Jl ^jj^XjS' - 

Backups «lajuuI |p go jLgj> J373 - 
ADSL ^jjSo jjS* %laJjjlj\ Ja> J373 - 

J3.7 0L03JL1L0 O'i /joLt JLSuuUlj 6_/-Q-3»}vL ajoLsuI O L03 Ln-oJ I ,_j\i8> ojub 

IfljuULfiJ ^S^juuuJI 

: (interfaces) ^SLuoU-LI ^jjul^?^ ,jJLp ^^jl^v -1 

adsl ,oj3-oJL oLajlo ethb :^J 3 ^I 

.oIjuuJL uobJI switch JL oLajlo ethl :a^.LJI 

172.16.1.1/16 =3* ^S^juuuJI Ixg-. ^obJI ijy c5^l u'3^- 

Ubuntu Dapper Drake Server ■■>..;. : J 3 *H ^ajjJiW 

ZoJLJI JajI^JI JM> jj-o aJouuuJI JLiJjuLi ,o-9 

http://se.releases.ubuntu.eom/6.06/u. ..erver-i386.iso 



Loj_j ,_j\jJI j%ol_^jJI fJOJLi x-AjSjjt^ joLibuJI OyJJXi (j-o JlSU OuuuuJI JlXj^ 

■ rt ii « ii o J-J-& (JaJkj 



sudo -s 

apt-get update 
apt-get upgrade 
apt-get install iptables 



:JajIjJI Ijjx> o^9 sudo ^>MJ JLiojolo o** 1 jjujuu 
http://www.linuxac.org/showthread.php?t=528 

<>l (firewall) J 33> jLaJI o' ^s' aS"LJ KjLijii^X Ja> a£jLojlo JLs 

IJlqJ IfluuuULi %J99J-*\9 *L« «V-0-jiJ y* j JuilLuU c&jLqjJI o%9) LulSLC-L ^^JLi 

(^SjjuudJI 



sudo 


iptables 


-F 




sudo 


iptables 


-X 




sudo 


iptables 


-t nat -F 




sudo 


iptables 


-t nat -X 




sudo 


iptables 


-t mangle 


-F 


sudo 


iptables 


-t mangle 


-X 



(NAT (Network Address Translation ^oIjl^umiI 



[root@server ~]# modprobe iptable nat 
[root@server ~]# echo "1" > /proc/sys/net/ipv4/ip_forward 
[root@server ~]# iptables -t nat -A POSTROUTING -o ethO - 
j MASQUERADE 



jLiVL aLajloJI a^jt-I^JL ethO j*s> :alx=>-\L> 

gioLjjJI foljAJLutiL) pppoe ^jJo (j£> ou^ju^IL oJLajI ou^ IjI 

<_jJLc-!Sll tjJLc- 03^ jm ' okj_^jij^lL aLajloJI a^^l^JI o^s /\Llo pppoeconf 

(jlTLjJ ifconfig ^Ml xoj <pppO 



O^l.) JL73J y vjulmjJI 1-XgJ f^S^juuuJI o\S 0J3J734JI oSuuuuJI C^LsLLxj ,JS 

. cSuuujJ Li JLiAjLoJI C »_/5JI JliJl^jJ 

<joJI (kernel module) oa^ojjJI oj^^JI Jjuo^jlj ^^jbj J 3 ^l ^^^1 
^jofc ajlxo^JI 6JL73JI oji* -jol^JI oJI iptables nat ^uu^l JLo^u 

.NAT JLouij ^jX AJ33JUUL0JI 
Jl ajL?^; ^j-c- J33JUUL0JI 9&s . ip_forward JLouxju p&clm, ^LJI ^h»MI 

.packets 
6>g^l ^j-o aajLaJI oLJLLJI dsl^ jl>L ,03-fi-' «5-xJI 3A _^jl>^II ^-o^l 

JljVI ,_jJI «Lgj73JLoJ I3 oSuuuuJI 



) j**}\j£ w^SjjoJlb ^ulroI ^s^juuuJI IjJb %j\s /<LfijLuuJI ajMjJI ^o^vl asLbL 

.LjlIjuujlj (jobJI gateway Jl 3A3 o^l (router 

Ja> JJ^Ljuulj LoJuLf- «uiol>) gjl_> ^-ol osLaoV jrLiL^J OUOji3jJI ^j-o j*j& %j& 

Jl e-o oo^jui^l ^j-o aajLaJI packets Jl ,0^ £u-=u*xi <_9jl^j JU jg (adsl 

.OjJjCoJI oSuuuuJI ^^9 ^DJOOuuMLoJI (aJLu*>Loj «_jv9 J>jl ^jJ ) MTU 

:^-o^l Ijdfe jJQLi /I -Job JLojJ 



[root@server ~]# iptables -A FORWARD -p tcp — tcp-flags 
SYN,RST SYN -m tcpmss — mss \ 
1400:1536 -j TCPMSS -clamp-mss-to-pmtu 

loo^ju^l a^jLoulo <_9L0.1I 3I JLjuuouljJ script sLjail 

o-TjLujlo «_9uLiI 3 1 JLoojuuJ LjlC-Luuu jjJuo SCTipt sLuuljL (O3 P ■ am 

JLiill 



sudo nano /usr/bin/net-share 



:«JI ^JUI 



bin/bash/!# 

start_share(){ 

modprobe iptable nat 

echo '1' > /proc/sys/net/ipv4/ip_forward 

iptables -t nat -A POSTROUTING -o ethO -j MASQUERADE 



iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m 

tcpmss — mss \ 

1400:1536 -j TCPMSS -clamp-mss-to-pmtu 

} 

stop_share(){ 
iptables -F 
iptables -X 
iptables -t nat -F 
iptables -t nat -X 
iptables -t mangle -F 
iptables -t mangle -X 

} 

case "$1" in 

"start") startshare ;; 

"stop") stopshare ;; 

"restart") stopshare; startshare ;; 

*) echo "Use $0 [sta rt| stop | restart]" 

esac 



i V I ttSj I «ij o i ,0-P-iJ f^jVl 



sudo chmod +x /usr/bin/net-share 
sudo net-share stop 
sudo net-share start 



_JLi^JI (OJLXjuuULjJ aSuumjJI 6J^?I i\iS- 
ijjij^)\ % _p}£' JcpA^JLI JliJl^JI ^-9>f JuU> -ll (O JlSCuuULjJ aSuumjJI oJj£> I jl.xC-1 
IjLgj (joLsJI IP Jl asLol 3J& <aJLrS ^JiiIc Lo JLS" «Ijl? JLqjuU3 Jouuuuli _^ol 

oj<^*oS\ ovs QjhocH* cja LxS" dns AJL3JI3 gateway «uL?JI «_jvs ^s^juuuJI 

:«JUI 



asL^ ^>o ^yoL^jJI oJljL fJa Microsoft ISA ^xj»juujj <jj£ hi :alx?-Mo 
(browser) £o.r».oll oblx^l o' ^Li S <«lqL aJljl oSLuoJI oj^l 

,aS-ji3 LgS^jJil /(JIc^jLC- «sl «_*JLt ^cpJXi V ^jnjuulS^^jJ L ajioLsuI 
^1 ,J-^3 / ' Jl ?' '"^G*" *»*JLo^ NAT (oIjltOuuuL Ou^jlj^H oSjLuULo «,oJljIj Lo*£ 

.cache (oxajuuuui M a.JLojJI ojj&> o^ /gja-»ojJI «_jvs ajiJls ax-^juu Ic^jtscpj 



:DHCP ^ojb- aaLol -2 
netmask Jl 3 IP Jl o's^ «-*JI osLo^JL dns Jl s gateway Jl o's^ 

.^3jLuu CaS^ o^-9 VIS-*-* ojIjl£-I fiJ «3-mI 

oIj»j^3 gateway Jl u'3^- JL>->I uLs 'aLb oSLuoJI oj^t-I ouslS" bl 

oLjJ o^s 3J JL«jxj ( jAJ3 tdjjuS aXSLuuLo ^jc^Sui ^jJ L3X1 ip \j\$jS'2 dns 

jj&\ %j>& 0J373.0 aSuumjJI 6j^gj?l o»jLs 3I VaSuumjJI <_**-9 jjS\ 3I jiLgj? 1 30 

■ «1 1 O 03 AjlXjiO ** O Q O Ojdb Oj > » »»> LaJL7 :|jLS_0 jj-O 



JLiJlXj ^5! OuXj /(O^LtJI ,_jv3 aSuumjJI oljl.Xf-1 dsl^^jA? V*- 7 ! «LuAJCmI 
«Sl Jj|->-*-» <_(JI O^LsJI O3-} <OJl?3 _jJ9_jjuuULj I JLiJlXJ <_j*-*-£- Uj „**' 'Ijm^h 1 . 

.dhcp JL>Ju| Lob .<iSujuuUL.il oj4£>\ i_fJ) £ % _fuuu 

0I3J-*- aSIuuuJI 6jug^>l JL13JMLJ 1O3AJ; jvoL^j ^jjt djljfS- dhcp <«_9_^Jtj V (jxoJ 

ojLLxc-^ aSuuuulJI ovS jUs-? JLSU vuibjui (jl oj^LsJI os-* 'I-6j %joi> ip 

^fJLf- JLuxsoJ dhcp fOjL> (oIjoOuuuM aSuuuuJI oj^j?! asIS* jIjl&L ^3AjLuj 
dns JI3 gateway Jl 0L03L10 oJLt JLux^u lL,I 3 L^. ^b ip u's^^ 

■ *jJI JLSjuul. dhcp fOjL> JM> j>o 

DHCP fOjL> Ouuuui 



root@server ~]# sudo apt-get install dhcp3-server] 

i^Zt^j* Aj ijoLsJI jIjlC-MI i_fiJLo .o3Ijl£-L f>r>.QjuuJ dhcp fOjLsJI Oijuuui JUti 

:etc/dhcp3/ JJjJI ^s 



sudo -s 

cd /etc/dhcp3 

mv dhcpd.conf dhcpd.conf.original 

touch dhcpd.conf 

nano dhcpd.conf 



:^JLJI 



ddns-update-style none; 
default-lease-time 600; 



max-lease-time 7200; 

authoritative; 

subnet 172.16.1.0 netmask 255.255.0.0 { 

range 172.16.1.100 172.16.1.201; 

option routers 172.16.1.1; 

option domain-name-servers 172.16.1.1; 

option broadcast-address 172.16.1.255; 

} 



a-pJLSjL Ijuu iS-xJI j IoumuJI 3J& oJl3jJLo I ■ -> q ■ jl*> j-*^\ <v-flloll I JJEb «_jv3 

range 

172.16.1.201 Slfy ^l 3 172.16.1.100 ^ ^Ml ^U ,55^ oil b&V 

ip «_*JLc- Jj^lsci LojuLf- oSuuujJI «_5^s jiLgj? ,5! (j I jLuu ^jjLjIcpjul ^jjjjub 
172.16.1.201-172.16.1.100 o-*^> e^b "P «-*J^ Jj*xxuuj oils 

:,_jJLdl «JlLJI jjjSfULM f»Ji /vjiJLJI Jaa^u o' •**-» 

sudo nano /etc/default/dhcp3-server 



:^ill U3^J «>^-^s INTERFACES o^ Ooul 



"INTERFACES="ethl 

dhcp fOjLsJI JLotjuuLiLi ,0^9 

sudo /etc/init.d/dhcp3-server restart 



Jl?^j ajI Ja^MjLmi /aSuljuuJI ,oJulo Qao^Jj ,_s>jJI 6_j3-»aJI »_j>-9 *" J lbi>y lil 
. OjJo Lul9 I QajULJ ^jjJ^JJ (OJl^OuuULi JiLgJxJI Ijdfeg baCKUpS «LojuuI ,f»Qn jLgJ> 

»jy «3'l iJ'S-**' j-***-* fi-*->. ' oi ^-JS-J-* -" O- a -»^ 'i ^- jUs-? °^sS 
.3J& LoS OuLi jLgJxJI I JJEb (jl^jLf- »J_/J Li-J-f- >Oj jjoLxJI 

.mac address «_jJLc sLu uuL ,„*« ,5! 
ova oJLJI _^o^ll julAjuj JliiCoi aj (joLsJI mac address Jl %JijJjuSj 



(t_«y fjuSl J3JUL13 i_fJ£- JLoJO ail ijB^S <_sJL£-) fltafli jLgjJI 

Dos> ipconfig /all 
.«l3uuuulj ,0^9 *mac address Jl oUt*-*-- «^LI _jqI>»- — 



^j-o ^>3-fi-« o' U5 J J*c*** mac address Jl «_9Luuui£^J aajL asli^Ao 

arping ^ill ^Ij^umjI ^a JLLSlo 



■ AJuuuuLi jO 9 /OuuLo />,jkj |oJ J L? »_f>-9 



sudo apt-get install arping 



[root@server ~]# arping 172.16.1.7 

ARPING 172.16.1.7 from 172.16.1.1 ethl 

Unicast reply from 172.16.1.7 [00:14:2A:F5:44:FB] 

0.634ms 

Unicast reply from 172.16.1.7 [00:14:2A:F5:44:FB] 

0.647ms 

Unicast reply from 172.16.1.7 [00:14:2A:F5:44:FB] 

0.650ms 

Sent 3 probes (1 broadcast(s)) 



mac address Jl LJ ^suJjjS\ «5> Lo^" 
loJUJI ,Jlu>\ dhcp i-» u^bJI jIjl^^II *_oJLo ^ #o^' 



host backups { 

hardware ethernet 00:14:2A:F5:44:FB; 

fixed-address 172.16.1.7; 

} 



: JLSLuulJI IjL^j os^y** i^Le^l *\xs>y\ , olo 



ddns-update-style none; 
default-lease-time 600; 
max-lease-time 7200; 



authoritative; 

subnet 172.16.1.0 netmask 255.255.0.0 { 

range 172.16.1.100 172.16.1.201; 

option routers 172.16.1.1; 

option domain-name-servers 172.16.1.1; 

option broadcast-address 172.16.1.255; 

} 

host backups { 

hardware ethernet 00:14:2A:F5:44:FB; 

fixed-address 172.16.1.7; 

} 



:dhcp ,o.)L?JI JLoLJuui xs>\ o^l 
sudo /etc/init.d/dhcp3-server restart 



:dhcp (OjLjJI ^ojl^ouuuuJ aSuuuuJI oj^>\ ^Ixc-I 

.jLgjJI JLjlXjuULi JL&I3 o^cpAJI «_jv3 £^©3-° 3* Lg-S" CsIjIjlC-^H vJ^j I JoJP-9 

^oIjl^umiL ^ajaJI ^j^juuuJ (cache server) jk»\£ ,o.>l> asLol -3 

: squid 

fcjJoui m ii aSuuwjJI i>j4£>\ JLS" (jl-9 NAT go I JlSOuuiI L OO^jlj^I ^JjLmJLi LoJuLf- 
ONuuULjJI (JajJI jjX \x£> /^c)jl9 O3-V _>JuilLyo JLSuuULj Ou^jJLiVI ,o I Jl^OuuU I 

■ QA-iA-iiJLI 

JLufc &uaj 3 M-olii-xj e^>3JI oLs proxy server ^au^oj Lox^s- 0^9 

T r% o m o ^jjl^ 3A L03 ajJI J3J103JI rq omo 3A Lo Ou? O" J**^ i° "^* 

w j-»S' jiLg^ »5's CAj^jLiyl |oIjl^juuuI aJ r,o o ■** o jiLgj? 1SI3 <aJI J3J103JI 

.QAaAaJI oS'jj^i bjLji ,jX IjlC- <oJ rq aiao 

:proxy server ^oIjl^umiI JJI3S goju <>«» 

(IJlS" <LC-LuuJI ^jJI IjlS" «Jl£-LuuJI yjjo) QAjAaJI LAJ3 JliJl^Ci OaJLSLoI -1 
. ¥ (JAJ0JI3 QJQLiAjJL ^jjuo JOtiuuULpJ I (jAJoJ ^LouudJI AjljLSLoI -2 



.jLgjaJI % _ f uf % $\ tjJLt cLj QJLiojJI v*-?- 7 «jyiliol -3 



JLojJL Jaas e^hg^JI 
J3J103JI ,oj o^-«JI c»L»jL»oJI % jjjju ^jjs- JLojo (proxy) ^j>juul^3^jJI -5 

lg — °- OJCgjoJI Q«-9 JuJb (jJ «LiV f-j JWll QJLrAaJI JjLSCl OuXj /LgjJI 

■ LgjLo ajj^jo AJXjmULi Xb^jjlb jOc^jDj joJ la «* Q 6.X7I3 b_^o JLp t^jjui jjo 

%S*} « S» o 1 13 AjlSulo Llj ■> OCXjju*> I Ou^jJLiVI ^3 I3-0 v*-'-*' I /_^J^>LxJI 01^)3^ »_j>-9 

!y OjjjS (Luutll 0^-9 ijJfJL* %S*) « S* 01 1 1 ol O- i°^' - /-»~3 / Lui JlC- LuULo o^-Lt J-*!-** 

. ..qJI ij^mo ifjktMji fjotfjS- /banner J I JL«_o ^I^ojlmjL ^.ajoj 

JLo_9 Lol) fOjMJI fl^^MI JL20I3 JD03 Loj-9 £_sl3oJI oJJtb «53JL?uo ajmjIjJ 

:squid ,ojL?JI ouuuui 



sudo apt-get install squid 



!ojIjl£-L IjuuJ /OuuuuJI i_t Q ■ ■ * *jl jLlL f 



sudo -s 

cd /etc/squid 

mv squid. conf squid. conf.original 

touch squid. conf 

nano squid. conf 



:^oJLoJI oJI oJUl 



httpport 3128 
visible hostname server 
acl all src 0.0.0.0/0.0.0.0 
httpaccess allow all 



JuLmj ^julmiS^jj |OjL> ,_fJLf- J3JOL3JLI ajlSLS^ ajo^vI _jj L»..ill oJJBtt 



.l^JI jojliJI JL^AH JaAjuuj ^1 (port) «uh»JI :http_port 3128 
•~>L>') ^jlo 8080 oJI o^HULiti J,(o! ijk} 3 t% ju^\^3^\ 3* 3128 ^^Jl 

.( \jjuS fO^^JI IjJb J3Jou ms-isa 

,ouu>jl ,sl osLol J.^o. L* /,ojbJI ,ouuiil :Visible_hostname server 
(server) ^LaJI Ixa* ,ouuul 05^ o' J*oj*-» 0^5 '-v^h 

^>U> :http_access allow all 3 Acl all src 0.0.0.0/0.0.0.0 
JS ^jls. css^a all l^ouuil )acl (access control list oL^ ^^JouuuJI 

■ b_^9 c^JLobJ I ,_jy ,5 1 J I ^jjjjIjl^ 
. ^jsJujSgjjJ I |0 1 Jl^JuuiI Ij O^J «3' QajuULi ov&3 

: s j>j^L^ ^.QjflijLO J I .>I.X£-L | o-93 v j\juUL^3^jJ I JLotjuULJ JlC-I /oI^IjlC-^I lajjaJ 

:j3^ 
sudo /etc/in it. d/squ id restart 



iQfijAJLoJI jl.Xf-1 

'.jjS\ cloXSUuo oljl.xC-1 (LmJLjI 
JjLSCii Lgjl ,_jOb tjJLC-Vl «_JvS Lgj^^j ^JNjJI OJtJ^Vl _jjL»--ill. <iJLSuuUL.O J I 

i<aXi_j.j jf jj-^j £<_pjuii 1*7 lo IJL&3 g^ii oJxU jSi t^juot} (j-ol ^jJfS" «_jv*a*j3_^.j»J I 

. In* Q 9 ajJLscoJI «iSuuuUuLI jSit^jua jjvjuii.^g^jjJ I JLxJXi jjl -Xj^J Jj 

I© I jctOuuu L ln>P 9 oSujlmjJI bjhg^lv ^.ojuulJ3 LLol jjSl ^juujS*}jjJ\ JjlsoJ 

. J3VI ^J-O "IjulAJLi" j.j£\ jl.Xf-1 >.flio sLuULiL |O3J0juuiI / ^J\JUUL^3^jJ I 

:j3^ 



httpport 3128 

visible hostname server 

acl all src 0.0.0.0/0.0.0.0 

acl manager proto cacheobject 

acl localhost src 127.0.0.1/255.255.255.255 

acl SSLports port 443 563 

acl Safeports port 80 # http 

acl Safeports port 21 # ftp 

acl Safeports port 443 563 # https, snews 

acl Safeports port 70 # gopher 

acl Safeports port 210 # wais 

acl Safeports port 280 # http-mgmt 

acl Safeports port 488 # gss-http 

acl Safeports port 591 # filemaker 



acl Safeports port 777 # multiling http 

acl Safeports port 901 # swat 

acl Safeports port 1025-65535 # portas altas 

acl purge method PURGE 

acl CONNECT method CONNECT 

httpaccess allow manager localhost 

httpaccess deny manager 

httpaccess allow purge localhost 

httpaccess deny purge 

httpaccess deny ! Safe ports 

httpaccess deny CONNECT SSSLports 

acl localnetwork src 172.16.1.0/16 

httpaccess allow localhost 
httpaccess allow localnetwork 
httpaccess deny all 

.La oxijlsJI acl Jl i>o as- jL^cp ajI Ja^^J 

\ LoJ^3 IolP 9 LgjLo (j-iuui I c^Jtb liiogt Lo / lioQi Iql S (JjULjJ ^jSJg 



acl localhost src 127.0.0.1/255.255.255.255 
acl localnetwork src 172.16.1.0/16 

3 jb 3 127.0.0.1 u'3^*JI «-*JLt s53^v (acl localhost) J 3 *H jJajuuJI 

^jJLt s53^v jJajuuJI h c q (acl localnetwork) ^LJI jJamJI L»l 
(172.16.1.0 3A aSLuiiJI o'sj-c-) LiJuLt aSLuuJI o's-^ 

IiXJEbg *5_j-^l _jj Luwi 3 LLXA03 LLil -kx^V LaajI 

httpaccess allow localhost 
httpaccess allow localnetwork 
httpaccess deny all 



aSujlmjJI 6j^gJ>!v3 j_9jjuuuJI IJLgJ ^ami LLiLs iajMjJI _jj MuudJI oJlQj 

.(proxy) ovjuulS > 3^jJ I ,oljc30uuul Jaas 

^JajuuJI VJUL1A3 Ijj ^gJiMj ifi-tyO % r JLMjijjJ I !«LkX7^Lo 

:j3^ 



httpaccess deny all 



jj-o y s j\juul33^jJ I |oIjl^JuuuI c: muuuuli ,jJ 0LL9 ,5_^>iH _jj !—..■ II JjlS 

IaSuumjJI 6^-g-^l ,j_o V3 ^S^juuuJI 

■^>vl o^s o^ii ol «jJLt %j°j^* 
:^LoJLJI 3 oLxajaJJ (cache) ^LSJI jIjl^j 

ji£\s JLxjUi squid ^s^jumj «_*JLc- LLa? Lils *aiLtLuuJI «_-»l.>lxc)JL 
oLs<jjflJLI ijjuLS' JLo.»-i ^ UbjL?3 oIjIjl£-^II ojjb 0^3 #LLol 

■ O I Q I o 1 1 q 

(I3JUJ i5>jJj jjuouj ^jJ dLLs /aAjLaJI oLIjlC-MI oJLt ojloJL£<I b) 

.0JL73J NAT oJLt ouAj 3I squid .^3 

j^ajLSJI t'3-"' «^>*-o ^5' L^JLt /^ajLSJL Aj<obJI obljL^yi c^^juuuuJ 

: ( >juLil 0^3 squid o^s ^LogXxoJI 

ajJ3Jl3coJ I^Jaj jjijLto AASJ3 gj^juu ijajI^ 3A3 /(RAM) (0I./JI (jAil^ :1 

4>o iLJLs LLol |jja>3 (hard disk) vJLaJI uo>aJI ^jJo s - J* 3 ^ ; 2 

fol_^JI ^j-o Jjli v*-LaJI jfl^iul ^j-o LgjC 1^.-9 ,oJij oLgJLoJI (jV /^3jLuuJI 
3 1 «^JLraJI ^jOjSkJl fiJ>J> isslS- jLoJiJtj <LoJX^3 _/-»j-j (J-fLA-aJL AJLSJ3 

• AjlS J3?3^JI jQuuULttJI 

oLxfljio JjLo ojjJuo oLqJLo 1 jj - /^oJ jiLlo.« |ol_^JI «_*ts 4 j_j-^-°JI jj**LSJl 

•o^juLraJI j£3oj\ fjojtj^ html 

jjj^jjiij jOJOOuuULi ails v^uLraJI % jOjSkJl on9 J3?3^JI (jjuLSJI Louulj 

3 1 apt-get ^jJo ^jx I q ■ » » ■ » p-* «_soJI |Oj^JI JL»-o ojjuS 0L2JL0 
.oLaJLJI o- >*' £3^ <sl s' Windows Update ^LoJL> 3 \ yum 

VUI ui-lT jlj^j 

osLol % 3-> m j^> s " fi^U- ^J-X 5, i******* v* *-" (RAM) jol^JI oul ->I.X&j 

:squid *\x£>\ *_oJLo ,_*JI jL^JI 1.x* 
cachemem 64 MB 

^jjJJXjJ f» JOkJLMdLJLMl <Jjlo5JI 0.X&3 (ol^JI O- MB 64 \ijp& Li I Ja^^J 
• goA^J I ojjJuo %Sj^ I s Luui I3 J3J0J I3 6_/jJtAoJ I o LslPjoJ I 



|ol_jJI % jS lfl«-« : (jl .JLU) / <i.ojL.Q J I oJJtb .j-oLii LoJutC- ajuljI IoJa^jLo 

sLuuilhj gVoljuJI JLjlXjuULjJ (ol^JI <_(JI C,Lii3Cf L^Hl' joLLsuJI) *t) XJS> ovjJI 

■ LgJO^j 3 1 (ol^JI jjjULA> Lol AajlAJI ojufe (Jc^Sui (J I JUolOj; (*5_>>l 

LljLs /,oI^JI ^^9 (jJulSLU LtbJJX7 joJLjuwJ ,_jOJI aaaSJI JliJlSCi ,jX \x£> 

maximumobjectsizeinmemory 64 KB 

gjl^oJI oLxJ-KflJJ ^JvSlS^ AJUWI 3&9 ^JlAlO itt-PC?- L_JJL>I LjI Ja?v 

l-X&t uOjlaojxj (j»o Jxi lqli_/jiJ |OJu Jl9 6_jjulS oLfiJLo ^jjJk^J tjJLt 

:(hard disk) vJLaJI u^^aJI u^l* jlix.) 

l _^5J3 . v* a |° 16 «jJI !(}«•»•* oLfiJLo ,j-»J jJjuLSJI Ijdb ^jjJ^Ji 7"q l jji-i 
JLii-o) OjjuS oLfiJLo (jjJ^jJ | oJX.2>JI IjJb bjLji ^j-o ^aUfcjLobj S^snjuJ V 

( (packages) &oIjjJI jojj- 3I Windows Updates 

maximumobjectsize 512 MB 
minimum object size KB 



UJJl? L1X1I3 (•v > |0 512) AAjjJGi j\ai i ^*- 7 «Jv*Ol9 I JliJl3<jlj I ■ o 9 Ldfe 
_jjlKj £ > t ,_j\juij JS (J I (_jvjLKj| Lo-o ■ *-* ■ J ) AjijJ^j j\oi jOJX^ 1 JL9 1 

«_9jl?(j squid LtbjuLC- Ixuuuu ^uJI a^oJI ajuuuuJI .xjjou o^I Ly^-*- 

. (jjulSJI ,_jvS 6J3-73-0JI O-ojJJbJI oLbJLoJI 

Os^j Lojulc- aajjlaJI 0U2.JLJI aJIjL squid Ijuu *,_ju*>IjJL9I JlSLouu 

jl «jJI €JLObjjL&JI pi pJ-oJI «_9Jl3U _j o, i am 13 /o95 AjlmJUlj S«_jJLiLo.o (jjuLSJl 

%90 «jJI (jjuLSlll sMjloI ajuuulj uolPjoLi 

'. ij-uJ LJ I |j-_j MuudJ I ijlio I 

:j3^ 



cacheswaplow 90 
cacheswaphigh 95 



^jS- ,oJij I JA3 % J»t LSJU go Jl^juuuuLmi <_jv«J I d? LuULoJ I jp& XJufXS' sjJCLi ij !y I 

:,_jJLdl ^LltJI osLol &*jlo 
cachedir ufs /var/spool/squid 2048 16 256 



|Oc^£-Xo pq -i ^j-o jjS\ >-?«H! ' **-° I -XXJuuil I joJuumJ iS-xJI (jjuLSJl p- cj J 3-fc UTS 

, %J j£t\ J j^3)i\ ^}jj ^JLlSLoj <aJLroLaj «jvs t y>3>l ^jJ o^*^3 squid «jvs 
.oLaJLoJI «u^ u>^"^» <3jJI o^oJI 3* var/spool/squid/ jLuuloJI 

jj-o Lfejja^ joJuumJ ,_j\jJI d? LmULqJ I <_jo&3 MB _IL <j.ojl.qJ I oJJtb 2048 

.OJjl Ol Uj-^Uj ^LlSLoj /(jJuLSLU yJLpJI ijOjSlW 
JLi JL>I^3 | o^QjLajiJLil joJuumJ jJLxo 16 jjl jLuJIj 256 3 16 ^jjLO-fl^J I 

.ysS-jB jJbxo 256 JL7I3 

0-^3 i^ttJLJOuuULoJI oLnXoJI (oLLxi uurt? «JJJLl3<j O I JlLxqJ I folfijl 

squid _■ u^bJI log Jl vaJL> ol£* ->-^^« ^JUI jU^JI 

:j3^ 



cacheaccesslog /var/log/squid/access.log 

MjJb 3-fc aJLiJlXj LulSloj LajI _>>l jl*^ 

:.>3^ 

refreshpattern '"ftp: 15 20% 2280 
refreshpattern ^gopher: 15 0% 2280 
refreshpattern . 15 20% 2280 



f o3Ajuwi squid ol-9 'l-e-*- j^'s olsjl? IjI ^>l ,o\131j *LoJl.> uajuJI 

. Q L-Pj-Ji-O. J I jJJULJ^JI JLfeLftjLJ 

JLs (^iUxIL) ojUooil ucu ^sjJI o-oJ-ll squid J jjou ^LcxJI 1.x* 
(JLLoJI JLuumj tjJLt html oaajo) ^jjuLSJI «jvs 3373^ «_sJLo ^oas 

<_s*-9 6 J3734J I AjJLrO V I aJCgjflJ I <_ftS Oj Ji^cii C-» Jl7 jb jl ,3_jjJ 

.*! 3I 0«>Liiil 



Qj*x9 ojLcI Jjls oAjlsj 15 j U ■ i I squid JL««j (15) J33JI ^^Jl 

0^9 J3734JI v-flloll ^oA7 (JjulOJ 3J& (jjulSJI tjv9 J3^>3^JI «_sJLoJI 

/ijjuLSJI o*-9 .Jjj^o^oJI aJcftjflJI jLt^jMLj ^oJumOjuuj SCJUICj O^ OLJ^JLiiH 

>t_fJI JLSuuULi rtJXJ-»flJI CJyJtJXjkj (Oc^flLiuuil AjLs ,o^3oJI >.fl 1 » "> I Ijl Lol 

^JlJLoJ jXoj 6X0 ^5\jiOl9I <_jvjLRj ((juiocp «_jvjlXj; 2280 ) oJLJI ,o-9_jJI 
^j-o ^Jiil ojjoS- J373.0 «_sJLo «sl '«— U-*-^-* 03-V ijJjLSJl *_**■** «i*3ioJI 

■ «uft.x9 joJuumJ ajLs IjJBtt 

i^JLjouuj squid Axs>\ «JlL> oLs /l^-LS" ol^LcaJI ojj&> asLol juo 

httpport 3128 

visible hostname server 

each em em 32 MB 
maximumobjectsizeinmemory 64 KB 

maximumobjectsize 512 MB 

minimum object size KB 

cacheswaplow 90 

cacheswaphigh 95 

cachedir ufs /var/spool/squid 2048 16 256 

cacheaccesslog /var/log/squid/access.log 

refreshpattern '"ftp: 15 20% 2280 
refreshpattern ^gopher: 15 0% 2280 
refreshpattern . 15 20% 2280 

acl all sre 0.0.0.0/0.0.0.0 

acl manager proto cacheobject 

acl localhost sre 127.0.0.1/255.255.255.255 

acl SSLports port 443 563 

acl Safeports port 80 # http 

acl Safeports port 21 # ftp 

acl Safeports port 443 563 # https, snews 

acl Safeports port 70 # gopher 

acl Safeports port 210 # wais 

acl Safeports port 1025-65535 # unregistered ports 



acl Safeports port 280 # http-mgmt 
acl Safeports port 488 # gss-http 
acl Safeports port 591 # filemaker 
acl Safeports port 777 # multiling http 
acl Safe_ports port 901 # SWAT 
acl purge method PURGE 
acl CONNECT method CONNECT 
httpaccess allow manager localhost 
httpaccess deny manager 
httpaccess allow purge localhost 
httpaccess deny purge 
httpaccess deny ! Safe ports 
httpaccess deny CONNECT SSSLports 
acl localnetwork src 172.16.1.0/16 
httpaccess allow localhost 
httpaccess allow localnetwork 
httpaccess deny all 

jlilo L0L1I3 LL0I3 JLoLSIj jjS\ jIjl£-I «_oJLo % _fSs- LJLaj? LljLs I-xqj 

oSuumI «_5vS SqUid (oIjlSOuuU^I O.XjlT' CsIjIjlC-^H 0.X&3 (jJdLSJI (oIjlSOuuU^ 

■ 6 mJU0 
I^flLiAjJL jQbllaoJI 

^SLiOuJLj (jAXjJLI ^oiUi Oul^j QAaAjJLi ,o SotJLi (J I «jJI jrLiLXJ LLl^I 

ttJcttjoJI «_jJI J3J1O3JI C: * O- ^? ^ »"*"3 <^ _^>Vl (jAJoJI^ 

. jjyll / !({;•*•» V*-?V 1-*-^ OJcftjoJI^ /£jJajuuUU> y 0~°3 OJiiMjlJI 

:c-»LJL^3l (domain) i _ h «-o3jJI ,ouuul «jJLc pLu £9l3^JI m» 

^sl3^JI %m sSS- ^3JLxJi ad asLiCoI 3A aJLxS Ij-*-L£- Lo JLSls « «uajuuulj3 

i^yXS /LqJ i^M-c-I L>^jUi osLol UbjutJ3 l&xijj ^1 00JI 

:j3^ 

acl blocked dstdomain hotmail.com Microsoft.com 

msn.com 

httpaccess deny blocked 

dstdomain jLsxW &> blocked l^-o^l acl tLuo-L « ■> o 9 L* 

JojjmjJI asLoL »> o 9 ,oJ # ^G*"^"* -V-J^ oOJI &9I34JI UbJLRj CAAJC0I3 

httpaccess deny blocked 9*9 I^ljou ^jJI 



www ooELmol (I3MI LqjJI J3JA3JI j(«; ^sl^uJI ^j-o >*i^ :*Joo\Lo 
&s>oJI o^- p I:s : www.msn.com ts^-oJI squid J ajuuuuJL t )J 3 \ 

msn.com 

J3J03JI Qj » » ln> » m>» 1 I^JIjLo Q-yo -X.>juuul.qJ I 0^9 mStl.COITI Pulx? Ijl 

JLJLt vjuuuuJI Ijl^J www.msn.com *uL£ ^>Jo o^ e^s-oJI «^JI 



l^JLST L9JL9L0I Jajols vjnjo-SIi /UbjLi^j o ^' e^ls-oJI ->-*£■ *-*^> »ii«^«»i 

^JojuuJI (J I Ol_kX7V Ijl (j^Jjl) ifAjJ&J Iq--- JLlAjELii 0I3 A7I3 jJAjjJ \J& 
c\S'\jja g-o (jAJ «_O.JLo o%9 £3l3-oJI asIaoI .jLVoi oils \jjuS J3J0U Ixi 

: v jnj^I^ 0X73J ^Jajmj o%9 ^954 JLS" ^03 



sudo -s 
cd /etc/squid 
touch blocked 
nano blocked 






msn.com 

www.msn.com 

hotmail.com 

www.hotmail.com 

microsoft.com 

www.microsoft.com 



: v jnj!!JI qjliaj «-*jjxj jIjl£>!!JI jjtt 

acl blocked urlregex -i "/etc/squid/blocked" 
httpaccess deny blocked 



^AAu ^LouuuJLj "aJLoLS" Ou^.ajVI v t -C3C5' JLaAJBJ Jl9 jL?yl JoJU <-T-9 
loNilSlI JLoJtl oJbJI ojdb ( ^ <QAj*xJL JajQL9 {idhguJI 

acl allowed urlregex -i "/etc/squid/allowed" 
httpaccess allow allowed 
httpaccess deny all 



^3\ 3 uJ\ % _ f Ss> ^53jL9u $3*9 allowed oajujI <JlL> LLoujI Lil Luj> Ioj*)) 



http_access) ^^sLJI ^loj Los pj I q a ° -*» - ■ ^LouuuJI xi^j ^joJI 

(deny all 



jOgJLi ajLs ^34 sjOOO LoJuLf- fSqUJd ^j-o AajJl^JI oIjIxrO^JI »_jn.9 

(jAJtj -X-^cp IjJtb g-O (jSjif /«_5vJI JLSuuULi Aj (j£>LxJI IP (jl^jUlJI i^tSXSXj 

LgjJI J3J1O3JI ,oJij Jj /^J^o^J | ojuuI ,_fJLf> ^53JLaJi y <_jvjJI ^9lc^oJI 

!«_jvJLjl osIaoI «iliiVoii Iq«- 1 ttajjjjViua IP J I yjlt^jS- osIaoL 

acl blocked-ips dst 216.239.57.99 216.239.37.99 
httpaccess deny blocked-ips 

$ host google.com 
google.com A 216.239.57.99 
google.com A 216.239.37.99 

.jLvoi Ails AjuULo v_»LoJL£ ^jJS- 1S3JLXJ ^svjJI ^9lc^oJI v*- : V *^Oj»l lil 

jLlsJI (oIjlSOuuiiI dUj 

: V ^ML^ dstdomregex 

sudo -s 

cd /etc/squid 

touch blockedwords 

\ JL1L0 Iq«-" -V_/-» «jOjl 0L0JLSJI - 0JL0JI tjvS *-flL»ol ,oJi 

porn 
Porn 

gay 

Gay 

lesbian 

Lesbian 



loJLJI kJlu>\ squid jIjlC-I «JlL> ^a ,oj 

acl blockedwords dstdomregex 
"/etc/squid/blockedwords" 



httpaccess deny blockedwords 



: v j>jiVl^ qmojuuj jIjl£-^II «_oJLo oLs /ojlijlsJI oIjLjJI asLoI x*j 

httpport 3128 
visiblehostname server 

each em em 32 MB 
maximumobjectsizeinmemory 64 KB 

maximumobjectsize 512 MB 

minimum object size KB 

cacheswaplow 90 

cacheswaphigh 95 

cachedir ufs /var/spool/squid 2048 16 256 

cacheaccesslog /var/log/squid/access.log 

refreshpattern '"ftp: 15 20% 2280 
refreshpattern ^gopher: 15 0% 2280 
refreshpattern . 15 20% 2280 

acl all sre 0.0.0.0/0.0.0.0 

acl manager proto cacheobject 

acl localhost sre 127.0.0.1/255.255.255.255 

acl SSLports port 443 563 

acl Safeports port 80 # http 

acl Safeports port 21 # ftp 

acl Safeports port 443 563 # https, snews 

acl Safeports port 70 # gopher 

acl Safeports port 210 # wais 

acl Safeports port 1025-65535 # unregistered ports 

acl Safeports port 280 # http-mgmt 

acl Safeports port 488 # gss-http 

acl Safeports port 591 # filemaker 

acl Safeports port 777 # multiling http 

acl Safe_ports port 901 # SWAT 

acl purge method PURGE 

acl CONNECT method CONNECT 

httpaccess allow manager localhost 

httpaccess deny manager 

httpaccess allow purge localhost 



httpaccess deny purge 
httpaccess deny SSafeports 
httpaccess deny CONNECT SSSLports 

acl blocked urlregex -i "/etc/squid/blocked 1 

httpaccess deny blocked 

acl blockedwords dstdomregex 

"/etc/squid/blockedwords" 

httpaccess deny blockedwords 

acl localnetwork src 172.16.1.0/16 
httpaccess allow localhost 
httpaccess allow localnetwork 
httpaccess deny all 



:(bandwidth controlling) ou> 3 jLiLJL ,o<T^JI 

fiS JliJlSCi I ■ ■ V oi » OuLXj Ou^XiLaJL fiSisuJJ *Iq — clSLbjJO j.9^j SqUld 

«i>3XiLjJI l j_o fiS jliJl9jj3 |0 1 jl^Juuu L Squid J r.q a'UQ *- *HI3 ■*-• vJ I O- 

,_pjJI % 5j>})\ oLoJJxJU ,_j\SLJI ^}jJiJi OuAj fO JlSOuuULo JLSJ ^3 -oumJLo 

.delay pools o^ojuuli ^^1© o-^ i**** l**3 ■./A^****-!' Lfe.^3*** 1 
JLolxJLi »joJI i ojubJI uLs delay pools £_o JLoLxjj Lojulc- :<doc?>\L> 

■ Cu LaJ Li (Jj^Sji lg* ■** 

512 = 512) uuL 65536 Jio- lid* oLs ADSL 512 Lx> JLjJ hi 

(kbits = 65536 bytes 

x^jJot) 8 «jJLt 512 (loiaPi CJt o ii &&j LmjJ I aaj LmUOU I OjJLqJU I \ dJo? \Lo 

.ouUL AAJLidl «jJLt JLolsu IxSj& 1024 _• ^jvsLJI 

128 (jujxiL (_s"**^l squid ^Jaxj c*jpu UjjJ «sjJI JojJI ,ojuulq-J 
^s^juuuJI ljjj> Ub^s^juuu ovjJI ^5^>^ll oLojl^JJ oSjJl* ^jJ*LJ\ 3 kbit 

.kbit 32 (Ojjxjluulo JLS" ^jJaxj3 

16 = 128/8 :aJ^*L, 

16384 = 1024 x 16 

4 = 32/8 

4096 = 1024 x 4 

squid jI.xc-1 «_oJLo ovs J-xjuJ ajuLuultJI a Jo«IL Los o' -*** 

:j3^ 



acl localnetwork src 172.16.1.0/16 


delay pools 1 


delay class 1 2 


delay_parameters 1 16384/16384 4096/4096 


delay access 1 allow localnetwork 


http access allow localhost 


http access allow localnetwork 


httpaccess deny all 



lg.i-»;..i. ^j| j\ i AajlS ±jua3\£ 16384 AajlS UJJl7 LljLs I.X(£j 

■ jqjljoLjuulo JlS" Lg-o jjuuuuLi o' o-Slo-j! a^jls ^fwiAsL^ 4096 3 squid 

J UbjjAi ^3 acl localnetwork JJ JoajjoJI oja Ljjl> Lil Ja^^J 
I jjtb «_jvs \L>L£ JojJI ,oIjl3(juuiiI feJLuuuuLi Lul ^^axj I jjtb .acl localhost 

.^S^juudJI 



l |jjL».o I P 1 3*^" «_**■"*" -QjJouui (JuLXi Jo3_^.juil t LaJULi I /jjLpbj LaOlj I 
XiJL^cii Os-V J»oIj JoJul |0 1 Jl^Juuii L aSuumjJI <_s*-9 6j^gJ>MI ^QlXjJ ^ajuulj 

■ ijjulSjuI 3I 

(JJUU1J3 tC/l Q loll jj-o fljuLJCo ^Icp I ^jpJS- O1.13 .XJ LJ I JliJl^Jj LulS-qj LaOljI 

I^AH <ojl IjJBtt JLojJ 

:«^ljljuLo^ll (jAJU JLijMui gJto 

:j3^ 

acl video urlregex -i \.avi 
httpaccess deny video 



«sl «jJLt JIjJjuJI ^j-o avi. jIjuLo^II JLqjq «_flJLo «sl LouLo Luis Ijlqj 

: s j>jVL^ OjJI oIjIjuLo^II (jjo XiJjoA\ ASL0I3 i_flJLo (LmJLjI LajI ^JnCoi 

:j3^ 

sudo -s 

touch blockedex 

nano blockedex 

- 1 Q 1 ■ J - - ■ £,LouuuJI Xijji ^1 ovjJI oljljuLo^ll (>XKj aJI vJLuol O^" 

:j3^ 



avi 

dat 

mpg 

mpeg 

wmv 

exe 

rar 

zip 

tar.gz 

tgz 

tar.bz2 

tbz 



:squid *\xs-\ . oio ^Jl oJUl ^sLo\ 9 



acl blockedex urlregex -i "/etc/squid/blockedex" 
httpaccess deny blockedex 

JLSJ OU3X1L JliJlSO Jxi JflkAS oIjIjuLo^II (jAJtjJ vJujJliL JliJlSoJ 



:j3^ 



acl blockedex urlregex -i "/etc/squid/blockedex" 
delay pools 1 
delayclass 1 1 

delay_parameters 1 4096/4096 
delayaccess 1 allow blockedex 

(squid (proxy authentication J <>juo.x>jljuulo osL*>I 

jOJOUumULp | ouuill AjxI ,J-oJ ^VojuULj OulXi SqUid (jl"°l OjLj «il«Voi 

ijl3 I -Hp ',/3,/aJI <i,oJL£ IolQ.7 C.: louuuULi LJLt 1 O LscftjOuLoJ I vaJ-^I 
b_/..o ^3^oJI «JLoJ^3 |0 Jl^jLmJLoJ I jOuuill JL>jV ^JolrAjuuiI jOJOOumMLoJI 

.6.X7I3 

jj-o c» 3A3 htpasswd ^oL^jJI ,_*JI £Ll*j Luis Jjj&> JjlslJ 

.apache-utils «u>>sJI 

■ LftJijULJLiiJ 



sudo apt-get install apache-utils 

sLouuul ijjsuuml «3JJI ifl loll cLuULiL jObS /<Lo_^J?JI Ouuuui JlXj 
lo^iVLS 1 jj-o JOtiuHULoJ I AaJI «_AaoI3 iJJ-Q JOtiuuULoJ I 

sudo -s 

touch /etc/squid/squid passwd 

htpasswd /etc/squid/squid passwd muslim 

.ajLmjljI xi^I «3jJI jQjotiuMULoJI ,oumiI 3A muslim :*Joj?\L> 

jlxC-l «_fi.JLo ,_jJI aJLJI _jj louudJI «_flb*>l / tj-yo XXjuhuloJ I sLuuul XMj 

squid 

authparam basic program /usr/lib/squid/ncsa auth 
/etc/squid/squid passwd 
acl allowedusers proxyauth REQUIRED 
httpaccess allow allowedusers 



SAMBA jIj^I -4 
(JjuljJ .samba 3A Lbjlxcl <y-a-»^ J37 Vjl? oLojaJI ^jlS"I ^j-o Lojj 

■ ojIjl£-I i*)jl& JJLIL13 A^LLoJI AjI_jLl> OjjS l r AJUuULj ^J^J^ < A « P O AJV 

«3 jj I JLoJul *■;■ L» i-juuuULi ojIjlC-I (3_^°3 **lj~^' JJ*J V**** 1 Q** »l! 

Lq_iaJ <i P » l/>3 «J-^3 «Vuuuulj_^ «_SLiL1o3 4 JLojo jjl nk\o,§ jl laiJ^j 

. Lgj «jlroL> aIa.C-1 oAj^Jo 

samba J 6J0I3 oAjlL>3 ,33^ ^jJajo ^jJ JLp-oJI \x&> if>$*ojtS\ «jJLt 

a^jLmjlo JJ3J cjuou Stand Alone Service ojlxj^^j JL«>.»-» o' o^s 

ajI^Ll> «_*^ c/°3^JI <_(JI _/ L*» »/» I ol 05^ o I jJLscqJ I3 0L0JL0JI 

II 



SAMBA ..«..;. :oJ s ^l aJL^juJI 
[root@server:~]# apt-get install samba 



jl.X£-^JI t_fiJLo -XJXjuuJ (Jul? /Ojl-X-C-L IjuuJ /LuoLuil Cajuuu ,j_o sLgJLi^H XXj 

/etc/samba/smb.conf/ : JJjJI ^ 

[root@server:~]# mv /etc/samba/smb.conf 

/etc/samba/smb.conf.orig 

[root@server:~]# touch /etc/samba/smb.conf 



})\ samba jIxc-I Oj^°3 ^OU-* o^iS" ^>o ^s-jWj /LiLiLuu <^jSi LoA" 

0.X&3 JLoJO aJLuu ln>Q9 _jj louwJ 3 «_jJI jrLiLXJ <LttjtJ.SU I <_«t9 LLil 

(smb.conf <_o.JLJI JL>b Lq^I) : % jjb j3 1ouujJ\ 

[global] 

netbios name = alpha 

workgroup = mshome 

JD "" oJJb ijvjliu IjLo 

<«uL9u samba jIjl^I vJ^-I Cj-^ «sjJI (oLJI ^uuloJI 3* [global] 

■ Jot; ,jJ ojjj 0~°3 <i5^u?l 3^3 

aSuuuuJI o^gj^l ajlAj <lojl?luuuljuuii «sjJI l ouuii^l 3A netbios name 

3J ^fuL? uuL ^LlxjJI Ijjb) JLojJI o^5axo jouuul 3A workgroup 
("workgroup" JLojJI aJoou» Jxi "domain" Jbu» JULoj oui 

:o^" samba JLotjJuui jlC-I 3I JLxjJj 

:.>3<r 

[root@server:~]# /etc/init.d/samba stop 
[root@server:~]# /etc/init.d/samba start 

ftSuuuJ «jJI J3>jJl3 J3JUL13 ajJLc- jLgJ> ,5! ,jj| v*UbjJI ^JnCoi O^l 

alpha ,001*1^1 cjou JLa ^93^ Jjl^ jouJ jL*i*H 



(Ua>I oJLt i5.9^*j V jIjl^^II *_aJL» o' a5"LJI UJb J»^o. :«_kx^M_o 

i^yiT testparm ^^1 ^oIjl^umiL 

:^3^ 

[root@server:~]# testparm 

Load smb config files from /etc/samba/smb.conf 

Loaded services file OK. 



Server role: ROLESTANDALONE 

Press enter to see a dump of your service definitions 



: JLjLo «uLuu_j jq .. *** ajI-9 <Uo? jLkjI ,oJi 3J3 

[root@server:~]# testparm 

Load smb config files from /etc/samba/smb.conf 

Unknown parameter encountered: "wrkgroup" 

Ignoring unknown parameter "wrkgroup" 

Loaded services file OK. 

Server role: ROLESTANDALONE 

Press enter to see a dump of your service definitions 

.xJLaco oSjLujlo :«ukiLJI aJL^^oJI 



Lo JLj 'I-*-? **^Q*" OjuLoX LaOljI jjulMj LloLuU |0 1 Jl^JuuiI Lt jJbxo aSjLuOlo 

:aJUI 0I3J0L7JI ^Lil 3J& «JL*_9 JLJLt 

/ go XXJuuil Luil / JLjlo^) <Xjl£j LuULo Jli^j «5>xJI JlLxoJ I JliJlSCi .1 

(/media/sda8/shares/samba 



[root@server:~]# mkdir -p /media/sda8/shares/samba 
[root@server:~]# chmod 777 
/media/sda8/shares/samba 



,_jJ-*- * Lu c: * ' 0-°3 *v Li5J I c: * o-° ■* Jl ^* juJ ~° I- 11 * 1 O I * I 

-Iq«iS...i;..i ,_j\jj| «^I_^Ll3uI 
^juJ I b J-&> y I ,j-o «0 j I ■jut o 1 1 "QjSLi Lo JuLC- ) <a£j I iuJ o 1 1 | ojuu I Jli JlSOj ■ 2 

test :_^Ll>Luj (aj_^jl>I «3jJI gouuuVL aSjLmjloJI _jq !>»---■ tj^x*j^ o * 
_jjL»— II yAJti aJI vjiuthiI /smb.conf «JlLo «jJI 6J3JJL o^" 



[global] 

netbios name = alpha 

workgroup = mshome 



[test] 

path = /media/sda8/shares/samba/test 

comment = A shared folder which will not work! 



.samba JLououu xs-\^ «_oJLoJI Jaxl^I 
jJbxo LajI^ alpha «u»-uul jLg-?" ^.q-L> ajI Ja^Mjuuu ij^^jli^ 6j^gj?l ^j-o 

dLoJLSg jOJlSouuulp ,ouuul «jLLo - * I mli ajI Ioj^Mjuuu ^jil^ test «lojuuI 
■ J^J^jJI g^ii louijmJLii jjj iJj^pJlAJuuULq 5 LouuU I ^j-o OLtLiiol I o q 03 J3J ja 

«jJI J3>jJI oL?^L> ajjJ jj_o samba ^*aj ,oJ Lj^I csjou Ijj& 

.jLe^JI 
LuJLc- / «o _j LuuuJ I o I jJpcoJ I tjJI Jcpoc^JI 03-0 jooumulqJ I c: * <_r>«-? 





i^UI^I 


(oIjl^OuuuL (oUajJLI 


JliJl? jOJlJOljuULo «_flLftol .1 


[root@server:~]# add 
home username 


user 


—disabled 


-login — 1 


10-create- 




:samba oLL 


b-Xf-Ls «_sJI go JlsOuuuloJ 1 


*ju*>l o^l -2 



[root@server:~]# smbpasswd -a username 

A4JLS3 jOJlAJuuULoJI | OUUlll (OXTOuuU^ J3JULJ3 jl-g-?" «3l «_(JI O'l v*-fc-*l 

^jJ ^^^3 /aJLSuuulo «sl 03-V ■xJbx.pJ I J3-7J «lliiVoii 101 lbL>y Lo3 

oLl^Mj^ ^fJajtj samba o^ ^-^^v l-x&g **!*■ «vl*5JI fciJouUmui 

jli^j LjI samba ^L>l U*it «aJL$JLiju» ,oj jJL?u» ,siJ J0JL9 bsl^aJI 

project Lg-ouuul oxix? oS'^Luulo (^j^mjuuLmi . jJLxqJ I Ijjfc «_jJLc- ajLlSJI 

:j3^ 



[root@server:~]# mkdir -p 
/media/sda8/shares/samba/project 
[root@server:~]# chmod 777 
/media/sda8/shares/samba/project 



loJLJI *slu>\ smb.conf ^aJLJI ^s 

:j3^ 



[project] 

path = /media/sda8/shares/samba/project 



comment = This is a writable folder 
writable = yes 



JLils jJbuJI Jjts>u «5jJI (writable = yes) jLu?JI Laj*>I Lul Ja^^J 

ajLSJI fcj; Iouuuulj ij*o ]ojl3 projectadmin jdjooumuloJI xi^ ouS* c^J 
oux (valid users = projectadmin) ^JaIuJI «_oj*>I <jJbuJI ^jJLt 

[project] 

path = /media/sda8/shares/samba/project 

comment = This is a writable folder 

writable = yes 

valid users = projectadmin 

jQ xr* JuijuloJ I 1S3JUU jJLscoJ I IjJb tjJLc ajLlSjI c: * »_m "^-gj 

.projectadmin 

) 3&3 J5MJ (JjulS'Ljco jU> UJjLjAi SJoha jQJOQuuULoJI ill ojLSJI 

:(invalid users = joha 

[project] 

path = /media/sda8/shares/samba/project 

comment = This is a writable folder 

writable = yes 

invalid users = joha 

jJLpCpJ I ,_pj| J3J1O3JI C: tOuiuuJLJi «_Jv-*JI bJ^gJ^Vl JliJlSCi «jL>Oi LiAjI 

(hosts allow = ip) jLjkJI ^IjlsuuuL JU j s JjLojuJI 

[project] 

path = /media/sda8/shares/samba/project 

comment = This is a writable folder 

writable = yes 

valid users = projectadmin 

hosts allow = 172.16.1.23, 172.16.1.24 



ajLSJI oJLt jjls oj»£juuu projectadmin ,ojl?ujuuuJI Jaas o^I 
oIj l-il loo *> jJjcqJ I tjJLt ajLlSJI c: ^** ***:**' Lj>a-« I3 ■> I ? o 1 1 «_jJLc- 



172.16.1.24 jle^JI 3 I 172.16.1.23 jL^JI <* 
fojJI Jc)>jJI ^jla^JI % jjo JLlAj samba Jjuci o' «->-> - |l 3J I^Lo 0^3 

. V 3 1 J2JJO CLojStf |OJl^JUUULO jOUUllI villjkib O^J 5I3JUJ 

: v ^jML^ smb.conf ..0 1 o 1 1 ojlsLoI ^^Jojuu 3 osL*>l LuJU- <l-x* J°»l 

:^3^ 

[global] 

netbios name = alpha 
workgroup = mshome 
map to guest = bad user 
guest account = smbguest 

[project] 

path = /media/sda8/shares/samba/project 

comment = This is a writable folder 

writable = yes 

valid users = projectadmin 

hosts allow = 172.16.1.23, 172.16.1.24 

guest ok = yes 

,oJlj % _sj^»\jjl3\ (OJlsouuulo 3& smbguest ^jouumuloJI i ojuuI :<lLx7\L> 

(jjajJ3 aS^LmjloJI O I JuLscqJ I «jJI J3>jJI J3L3C1 ^jAJtJuJ «3^ ajuuucii 

anonusers JjLo ojj> _>>l jl^I 5 ,sL ^ jooLmuloJ I Ixa j**** JLSLon 

:j3^ 

[root@server:~]# adduser —disabled-login —no-create- 
home anonuser 
[root@server:~]# smbpasswd -a anonuser 



guest ^jJI guest account = smbguest jLjJ I J-.jjo 3 

account = anonuser 

[color/]:a£jLijLoJI oljJbuJI ^Jl oLLai aJLu asl*ol"color="red] 

^ I JJEb C>Jl7 Ijl /LLxsJI J^jj^O % jS- i-fllo «_9Jl7 jOjlj <ijLl7^JI ijAXj «_jvS 

OjljLSLoI LloLjuiI jJ^j <«_ajuuuJI I.XgJ / *ui 3 LxJumJ V ^lq--i aAj_^Jo ->-?3-j! 

«l9Jl7 joJlj vJuLo «sl CjulXi aSjLujloJI O I JuLxqJJ oLiLflLi oJLuu asIaoI 

^jl£- d_jjuo.il ojulb |Q I ■X.'XJuuU I C: MuuuULi . 1-9 3 Jl3CqJ I oJLuU ^jJI i/fcXi 

:,j«VL£ recycle <uxjuuI module J**-n-. 

:j3^ 



[project] 

path = /media/sda8/shares/samba/project 

comment = This is a writable folder 

writable = yes 

valid users = projectadmin 

hosts allow = 172.16.1.23, 172.16.1.24 

guest ok = yes 

vfs object = recycle 

recycle: repository = trash 

recycle: keeptree = yes 

recycle:versions = yes 

:LgJL9L— »l ,oj ,_»njJI oJliJlsJI oljL__l ~ j juJ 

oJLuulj u oLfJ\ module Jl _L*-t-. I . o "9 : vfs object = recycle 

(recycle) L^i^t oLI_L_JI 
oLLaJI oJLj i ojuiiI >jul«jli Los : recycle: repository = trash 

(recycle. 3* _^>l^-^l) trash _«JI 

o_* l__T oljJbuJI o>3ou>j Jaa^u Log : recycle: keeptree = yes 

(csLLojJI aJLuu o_» oLaJLJI _U" _>«» 3A ovjCol^jL^yi) 

aaLl?u> oIjIju^I Jaaaj _L__aJL I.q9 : recycle:versions = yes 

.aJ _/I.Xj_»I w j^\ Jo __» ,j_o Jjli k.O loll (jjULJOLi ,j_o 
. LloLuu JLotuULii ojLc-l LuJLf- _pJQLi Lo iJS t*\xS>))\ ojdfe J_f JlXj 



3 ^>jL> jI.x£-I 

^^s LoIjlsuuuuI j__^JI apache ou^ju^II obisuo ,o.>l> j\jjs-\ jCai 

href= "http://news.netcraft.com/archives/web_server_sur 
LqJU Jq». _f_JI f>A 3 ^\\ ojuJU-3 <vey.html">NetCraft</a 

.ijjaj3JLjJ —jJaj I _»— * apache 

. ajJLc- 6_jJaj ^jvAJjLmj _3a03_JI lj— b «j— * 

^julxj;3 <— Aj_jj_yl L/b__9 f jojju jotjSLi _^>L^j _»-£■ ojIjiS- Apache 

Ol I— ' -" -L^Hll LiLol (OJ^^j— Tl i >°3 JL*— J I I J— (b «_*_» QaI^jjJI ,oj_) I ,j_o 
J___9 html «_•!_— __> ijOjS- oIjoS- _»JlRjlj ^ jj Axz* JajuuULj <JLo-£ Ijujlo 

. Ijulb L1L03J _fJI *JLi _C- 3A Ijdfeg 

aLuci «3jJI _^oVI .oLsL-i^IL 0X13JJJ AAjlSlol fiS'M Apache 0^3 

«_>LxJL aj3j_Co _^»I^j fjOjS- _j_o _t— louJuJ lo__9 html % jo^S> j^J _>JlrJlj 

PHP, Perl, Ruby, Python Jb_> a__L_ 



-i ijtAJuULi Lo (OJtXi oils fi^lsLftoVl ^J V*^ OjuuLSIoI ^jJt IjJt 

osLajlmjI AAiKol ^^3 (Virtual Hosts) m oju^>I>ls^I asLajuaj^I 11 
3A ljj^ 3 (Shared Server) .x?l 3 ^s^uu ^^JLc lx? 6^4! &s'3« 

cL9 LaJLuj I ojLSLoL .L>.P-9 JL7I3 jJ&jjkjja %j\ C**> fOiJjjiJ^JI vjJLc-I JL? 
. V^j^JLaajVI I >gi JLoJO «_».j_jji_i V I ^dlj^o djuJLf-3 {^dl^oJI oLLo 

<Apache</h4 J***^ 3 V ju4'><h4> 

:j3^ 
root@laptop:~# apt-get install apache2 apache2-utils 

root@laptop:~# /etc/init.d/apache2 start 

jo^jjjj o%9 i_«JLJI ajLlSIi !«>j>3 iJJ±jS- <jkjjjj\ qjoliajlo «sl QjlSI o^l 

http://localhost 

http://127.0.0.1 

.apache J aju^Ijjls^JI a^olroJI ^qI^- o' hpm 

aJLox 4J.O ji£\ JLo.y ^1 o^l 3* ^apache p^xaj <_*& 0JL9 LoJT 

. LajQL9 htlTll oL=XJOLm» ijetjS- 9&9 «jJLm»!SH JajuuUUlII 

<Apache</h4 jIjlcMI oLbJL> ,o^s<h4> 

«_oJLo JM> 4J.O ojIjl£-I j^oi C |ja^3JuJ <^oI_h v*-^' «J-*-<>3 Apache 
gjko7 ^fJLf- c53ji3ci »_aJLaJI Ijdbg .httpd.conf aamjI u oi> j\js-\ 

m AjljLjL? 

,_fj\ K O.JL0.J I Ijdfe ^gjuMULftJi ,oJ ijLuJ %J fXS> rtjum-pj I OUUJ13JJI «_T-9 1JAJ3 
£-0 JLoLxjJI LuJLc- Jlgoii Oul^j ajLJ>JouLo «UQLi^-Lxj ol JJL7103 oLflJLo 

._^juuli3 aJjfliiiii ojI^oJI oI^LlxJI tjvJI J3 j<o 3-ll3 apache 

c 

IdjJLJI 6_/3-aaJI JLoL 

img src="http://www.linuxdocs-> 
</ "2 ^ J sjuuL,LI"=ar.com/images/apache2 Ol.png" alt 

euojuul X7I3 JuJj J>lj 6J3?34» O I JuLxqJ I3 ol gJLoJI gjt.o.'y ^jl Jl^Juuh 

<blm£-j3 oIjJLtuo 5 oJLc- s 53jl>j 6j3jaJI «_5x3 3A LoiT ^jJ^ «apache2 



oU^Lto ^jJLc c53JL3u «3jJI sites-enabled 9 sites-available 

0L3LU oJLfc s?3^v «3jJI mods-enabled 3 mods-available 
.apache ^Jl l^sUI ^ a , S(f wJI (plug-ins) oUL*>^l 
JLiLo ajl^^LtJI ^oI^jJJ oIjIjl£-I «jJLc c53jlsci «3jJI conf.d 

•oj+i-s phpmyadmin 
aju^oI_^jl9^II ajI^jJI «_5vJLt c53jL9u «3jJI ports. conf «JlLJI jl?^ La/I 

J^3 ^Ic^oJI 0LL0 asLajuuuI apache o^°U /LojLai <^jSi LoA" 

JL>lj AXAO33 aj fjol> vJJuLo sLuuljI J^mjJO (jS- ojIjl£>I j\fl; ^9ip 

JJjJI Jb-b <J jLajl>I sLuiiL «JjutAi 3 sites-available jJbuJI 

:^h>^' (oIjl^umiL 3 I sites-enabled 

:j3^ 

root@laptop:~# a2ensite linuxdocs-ar 

JliJl^JI ^9^oJ\ JLouxjJ 

5I 

root@laptop:~# a2dissite linuxdocs-ar 

^-oVl foljLSCuwil LuLSLoL oils /6_/.SLoJI ^jjulOJ LlXjL 3J3 

:J3^ 
root@laptop:~# a2enmod php5 

(php _• u^bJI oJbJI ojuSk ^is) ijt?jL> plug-in JL».pjJ 

JulAjlj 3I 
:33V 

root@laptop:~# a2dismod php5 

plug-in Jl JLuuij <_9Loj^ 

^Lsu JLU plug-ins ojlsLo^II ^Ij^^JI ^L^I/JLaa; o»^L> ^s 
jjl9 o\LjlxjJI Jj>jjj jjJ y I3 apache «u>.x> JLououlj ojLc-I % _ r J\ 

■ JulAjulJI 



root@laptop:~# /etc/init.d/apache2 restart 



(reload) JL*..=*jJI ojUI Jaas 



:j3^ 



root@laptop:~# /etc/init.d/apache2 reload 






^ 
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